Cisco Secure Firewall vs Sophos XG comparison

Cancel
You must select at least 2 products to compare!
Cisco Logo
96,842 views|63,474 comparisons
Sophos Logo
58,975 views|43,282 comparisons
Comparison Buyer's Guide
Executive Summary
Updated on Nov 23, 2022

We performed a comparison between Cisco Secure Firewall and Sophos XG based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.

  • Ease of Deployment: Users of Cisco Secure Firewall share mixed reviews on deployment. Some find it easy while others say the setup is not straightforward. Sophos XG users agree that deployment is easy.
  • Features: Users of both solutions are happy with the products’ stability and scalability.

    Cisco Secure Firewall users like that the solution has good security and filtering and good application visibility and control. Users say they would like to see an improved interface and better logging functionality, and that it would be good if the solution had a policy-based routing feature.

    Sophos XG reviewers say the solution is intuitive, has a strong VPN, and includes impressive firewalling. Users would like to see more integration options with other systems, and also say that the SD-WAN needs improvement.
  • Pricing: Users of both solutions have mixed opinions on the pricing. Some consider it to be expensive. Others say it is comparable to other solutions.
  • Service and Support: Users of both solutions are satisfied with the technical support they receive. A few Sophos XG users say response times could be faster.
  • ROI: Users of both solutions report a good ROI.

Comparison Results: The two solutions are very comparable. The only major difference between the two is that some users of Cisco Secure Firewall consider the deployment to be somewhat complex.

To learn more, read our detailed Cisco Secure Firewall vs. Sophos XG Report (Updated: January 2023).
672,411 professionals have used our research since 2012.
Q&A Highlights
Question: Which firewall to choose for an SMB to prevent malware damage: Cisco Firepower or Sophos XG?
Answer: I prefer Sophos. I find it easy to use and it has better features on malware and threat management.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The TAC is always very helpful. We pay for Tier 1 support, so we get whatever we need from them. They always give us a solution. If they can't give us an answer that day, they get back to us within at least 24 hours with a solution or fix. I have never had a problem with the TAC. I would rate them as 10 out of 10.""Cisco has the best documentation. You can easily find multiple documents by searching the web. Even a child can go online and find the required information.""The remote access, VPN, and ACL features are valuable. We are using role-based access for individuals.""This solution helped us to identify the key areas where we need to focus to block traffic that is malicious to our organization.""I like that Cisco Firepower NGFW Firewall is reliable. Support is also good.""All the rules are secure and we haven't had a significant malware attack in the five years that we've been using ASA Firewall. It has been a tremendous improvement for our network. However, I can't quantify the benefits in monetary terms.""One of the most valuable features of Firepower 7.0 is the "live log" type feature called Unified Event Viewer. That view has been really good in helping me get to data faster, decreasing the amount of time it takes to find information, and allowing me to fix problems faster. I've found that to be incredibly valuable because it's a lot easier to get to some points of data now.""I'm a big fan of SecureX, Cisco's platform for tying together all the different security tools. It has a lot of flexibility and even a lot of third-party or non-Cisco integration. I feel like that's a really valuable tool."

More Cisco Secure Firewall Pros →

"A valuable feature involves the solution's manageability.""We created and configured a VPN for connecting our remote sites and also to make it more secure and reliable. We also like its two-factor authentication features.""Sophos began with a basic version and evolved into something more efficient in terms of performance.""Dashboard is easy to use and the reporting offers a lot of detail.""The multifactor authentication is helpful because whenever the user wants to connect to the firewall, they have to use the authenticator before they can access it.""They really work scalability into the solution at the outset.""The most valuable features of Sophos XG are user-friendliness and it is highly secure.""It is very easy to configure and straightforward. The firewall rules are straightforward. It works great out of the box. It has been working as advertised, and I haven't had any issues with it."

More Sophos XG Pros →

Cons
"One issue with Firepower Management Center is deployment time. It takes seven to 10 minutes and that's a long time for deployment. In that amount of time, management or someone else can ask me to change something or to provide permissions, but during that time, doing so is not possible. It's a drawback with Cisco. Other vendors, like Palo Alto or Fortinet do not have this deployment time issue.""A feature that would allow me to load balance among multiple ISPs, especially since we have deployed it as a perimeter firewall, would be a great addition.""I would like to see improvement when you create policies on Snort 3 IPS on Cisco Firepower. On Snort 2, it was more like a UI page where you had some multiple choices where you could tweak your config. On Snort 3, the idea is more to build some rules on the text file or JSON file, then push it. So, I would like to see a lot of improvements here.""They could improve by having more skilled, high-level engineers that are available around the clock. I know that's an easy thing to say and a hard thing to do.""Maybe the dashboard could be a bit better.""The only drawback of the user interface is when it comes to policies. When you open it and click on the policies, you have to move manually left and right if you want to see the whole field within the cell. Checkpoint has a very detailed user interface.""An area for improvement is the graphical user interface. That is something that is coming up now. They could make the product more user-friendly. A better GUI is something that would make life much easier.""There is limited data storage on the appliance itself. So, you need to ship it out elsewhere in order for you to store it. The only point of consideration is around that area, basically limited storage on the machine and appliance. Consider logging it elsewhere or pushing it out to a SIEM to get better controls and manipulation over the data to generate additional metrics and visibility."

More Cisco Secure Firewall Cons →

"Everything is working as expected at this moment, but the anti-spam solution in Sophos XG needs to be improved. It needs more granular features and more stability. The anti-spam solution currently doesn't have many features, and we would like to have more features. At this moment, there is no expression filter for anti-spam. We need something to be able to filter subjects or attachments in emails based on the keyword. Sometimes, there is an issue with anti-spam, and Sophos XG suddenly stops processing incoming or outgoing emails. The only solution for this issue is to restart the appliance. Their support should be improved. It takes a long time to escalate a support case from level one to level two.""The only area that requires improvement is scalability.""The support service level agreement in regard to the amount of time needed to upgrade things is too low. It should be higher.""There have been some issues when upgrading. For some reason, parts of the configuration become unconfigured, I then have to reconfigure it. I should not need to keep reconfiguring it after upgrades.""When it comes to improvements that the vendor can make, we see that the cloud integration for managing all the firewalls is essentially a replacement of the on-prem version we had and is not sufficiently mature.""Over the last six months, we have noticed that the hardware is slow, especially the VPN connections.""The VPN features can be improved. Due to covid-19, we have a lot of employees that work from home and we need better VPN capabilities.""The VPN device could be improved upon."

More Sophos XG Cons →

Pricing and Cost Advice
  • "The price for Firepower is more expensive than FortiGate. The licensing is very complex. We usually ask for help from Solutel because of its complexity. I have a Cisco account where I can download the VPN client, then connect. Instead, I create an issue with Solutel, then Solutel solves the case."
  • "I know that licensing for some of the advanced solutions, like Intrusion Prevention and Secure Malware Analytics, are nominal costs."
  • "It is affordable. The hardware is not that expensive anymore. It is a matter of licensing these days."
  • "Cisco is not for a small mom-and-pop shop because of the cost, but if you're in a regulated industry where a breach could cost you a million dollars, it's a bargain."
  • "I like the Smart Licensing, because it is more dynamic and easier to keep track of where you are at. If we have a high availability firewall pair and they are deployed in active/standby rather than active/active, I would expect that we would only pay for one set of licenses because you are using only one firewall at any one time. The other is there just for resiliency. The licensing, from a Firepower perspective, still requires you to have two licenses, even if the firewalls are in active/standby, which means that you pay for the two licenses, even though you might only be using one firewall any one time. This is probably not the best way to do it and doesn't represent the best value for money. This could be looked at to see if it could be done in a fairer way."
  • "We are happy with its price. Licensing is on a yearly basis for technical support. There is one license for technical support. There is another license for IP Version 2 VPN and IPS."
  • "I am happy with the product in general, including the pricing."
  • "Their pricing is very aggressive and good. Even a small company can afford it. I am happy with its pricing. Its licensing is on a yearly basis."
  • More Cisco Secure Firewall Pricing and Cost Advice →

  • "In terms of price, it is a mid-range product."
  • "At first, I thought the price was very high. But when I read about the machine's features, we decided to go with it."
  • "When comparing with Palo Alto and Cisco, Sophos is cheaper."
  • "I paid for a license for the solution for three years costing approximately $11,000. Additionally, I received the Web Appliance fee for paying for the full licencing."
  • "The price for the firewall is reasonable."
  • "Its licensing cost is around 700 bucks a year or something like that. It is 100 bucks a month at the most. It seems to be standard licensing with no additional costs."
  • "The price is fair."
  • "There is no license required to use this solution."
  • More Sophos XG Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
    672,411 professionals have used our research since 2012.
    Answers from the Community
    Steve Chiyenda
    Mike Parsons - PeerSpot reviewerMike Parsons
    Reseller

    My preference is the Sophos XGS, particularly when you team it up with the Sophos Endpoint Protection client and configure it for synchronized security.  


    Both can be managed through Sophos Central and are available at a decent price for the power they offer the SMB.

    Carlos Roberto Da Silva - PeerSpot reviewerCarlos Roberto Da Silva
    User

    I recommend Sophos XGS firewall. It will offer the best solution for malware protection. 


    Also, I recomend Sophos CIXA with XDR (Sophos Endpoint), so you can use Syncronized Security.

    Questions from the Community
    Top Answer: When you compare these firewalls you can identify them with different features, advantages, practices and usage at large. In my opinion, Fortinet would be the best option and l use… more »
    Top Answer:One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet Fortigate is very stable, reliable, and consistent. We like that we can manage the… more »
    Top Answer:It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco ecosystem, it is very simple to handle. This solution has traffic inspection and… more »
    Top Answer:From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know the firewalls change every 5 to 7 years as stated but you really do need to… more »
    Top Answer:Palo Alto Networks NG Firewalls have both great features and performance. I like that Palo Alto has regular threat signatures and updates. I also appreciate that I can just import addresses and URL… more »
    Top Answer:Hi Arvind P ,  The Sophos XG firewall has a number of models right from XG86 to XG135w under the 1U Desktop Form Factor. The Sophos XG appliance that offers a direct competition to the Fortigate 80F… more »
    Ranking
    2nd
    out of 48 in Firewalls
    Views
    96,842
    Comparisons
    63,474
    Reviews
    90
    Average Words per Review
    860
    Rating
    8.3
    6th
    out of 48 in Firewalls
    Views
    58,975
    Comparisons
    43,282
    Reviews
    95
    Average Words per Review
    480
    Rating
    8.2
    Comparisons
    Also Known As
    Cisco ASA Firewall, Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Cisco ASA, Adaptive Security Appliance, ASA, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall
    Learn More
    Overview

    The Cisco Secure Firewall portfolio delivers greater protections for your network against an increasingly evolving and complex set of threats. With Cisco, you’re investing in a foundation for security that is both agile and integrated- leading to the strongest security posture available today and tomorrow.

      From your data center, branch offices, cloud environments, and everywhere in between, you can leverage the power of Cisco to turn your existing network infrastructure into an extension of your firewall solution, resulting in world class security controls everywhere you need them.

      Investing in a Secure Firewall appliance today gives you robust protections against even the most sophisticated threats without compromising performance when inspecting encrypted traffic. Further, integrations with other Cisco and 3rd party solutions provides you with a broad and deep portfolio of security products, all working together to correlate previously disconnected events, eliminate noise, and stop threats faster.

      Sophos XG Firewall is a complete firewall solution that provides all the real-time security and insights you need to protect your network from ransomware and advanced threats. Sophos XG Firewall provides visibility into suspicious users, unknown and unwanted apps, encrypted traffic, and other threats. With its advanced artificial intelligence capabilities, Sophos XG Firewall immediately identifies potential risks and intrusions on web servers and networks.

      Sophos XG Firewall Features

      Sophos XG Firewall offers a wide range of security features, including:

      • Application control: Prevent widespread infections with XG’s Security Heartbeat. XG Firewall automatically identifies the source of an infection on a network and automatically prevents it from accessing other network resources.

      • Synchronized user ID: Eliminate the need for client or server authentication agents by sharing user identification between the endpoint and the firewall through Security Heartbeat.

      • Centralized management: Easily manage all activities with Sophos Central. The XG cloud management platform allows users to easily set up, manage, and monitor XG firewalls along with other Sophos products. Some of Sophos Central’s features include alerting, backup management, one-click firmware updates, and rapid deployments of new firewalls.

      • Lateral movement protection: Automatically isolate compromised systems at every point in the network to stop attacks dead in their tracks.

      • Network protection: Protect networks from attacks and threats while providing secure network access.

      • Web protection: Gain clear visibility and control over all users’ web and application activity.

      • Web server protection: Solidify web servers and applications against hacking attacks while providing secure web access.

      • Email protection: Consolidate email protection with anti-spam, DLP, and encryption. XG’s Live Anti-Spam provides protection from the most recent spam campaigns, phishing attacks, and malicious attachments. Data Loss Prevention automatically triggers encryption on sensitive data in outgoing emails.

      Reviews from Real Users

      Sophos XG Firewall stands out among its competitors, among other reasons, for its intrusion detection capabilities, its user-friendly management platform, and in general, for being a complete and robust firewall solution.

      Niranjan P., a network & system support engineer, writes, “Sophos is a comprehensive solution which allows me to configure all the attendant products, such as Sophos's firewall, endpoint, and encryption features. A nice feature of Sophos is that it offers in sync and heartbeat security. When my clients have a perimeter involving Sophos firewall and endpoints with Sophos Endpoint, they can communicate with each other.”

      Antonio D., sales manager at INFOSEC, notes, “The product has a console that is based in the cloud for all their products. In this console, they have email security, firewall security, endpoint security, et cetera. All of the products on offer in the console are very useful for us. The solution is stable. The solution works well for enterprises and large-scale organizations.”

      Antony M., ICT/HMIS supervisor at a healthcare company, writes, “The VPN feature is the most valuable. It has come in handy during this period when people are working from home. The filtering feature is also valuable because you can easily filter the sites that you don't want to visit. You can also set timely surfing quotas”

      Offer
      Learn more about Cisco Secure Firewall
      Learn more about Sophos XG
      Sample Customers
      There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.
      Information Not Available
      Top Industries
      REVIEWERS
      Financial Services Firm16%
      Comms Service Provider13%
      Computer Software Company9%
      Government8%
      VISITORS READING REVIEWS
      Computer Software Company20%
      Comms Service Provider17%
      Government8%
      Educational Organization5%
      REVIEWERS
      Manufacturing Company11%
      Financial Services Firm11%
      Healthcare Company9%
      Comms Service Provider8%
      VISITORS READING REVIEWS
      Comms Service Provider20%
      Computer Software Company19%
      Government7%
      Educational Organization5%
      Company Size
      REVIEWERS
      Small Business35%
      Midsize Enterprise25%
      Large Enterprise40%
      VISITORS READING REVIEWS
      Small Business28%
      Midsize Enterprise18%
      Large Enterprise53%
      REVIEWERS
      Small Business62%
      Midsize Enterprise25%
      Large Enterprise14%
      VISITORS READING REVIEWS
      Small Business35%
      Midsize Enterprise21%
      Large Enterprise44%
      Buyer's Guide
      Cisco Secure Firewall vs. Sophos XG
      January 2023
      Find out what your peers are saying about Cisco Secure Firewall vs. Sophos XG and other solutions. Updated: January 2023.
      672,411 professionals have used our research since 2012.

      Cisco Secure Firewall is ranked 2nd in Firewalls with 91 reviews while Sophos XG is ranked 6th in Firewalls with 108 reviews. Cisco Secure Firewall is rated 8.2, while Sophos XG is rated 8.2. The top reviewer of Cisco Secure Firewall writes "The ability to implement dynamic policies for dynamic environments is important, given the fluidity in the world of security". On the other hand, the top reviewer of Sophos XG writes "Light and stable with excellent real-time control ". Cisco Secure Firewall is most compared with Fortinet FortiGate, Meraki MX, Palo Alto Networks WildFire, pfSense and Azure Firewall, whereas Sophos XG is most compared with Fortinet FortiGate, pfSense, OPNsense, Palo Alto Networks NG Firewalls and WatchGuard Firebox. See our Cisco Secure Firewall vs. Sophos XG report.

      See our list of best Firewalls vendors.

      We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.